[XCSSA] spl2 and mazzer

[xcssa@xcssa.org]

On Sunday 10 September 2006 00:16, xcssa-admin@xcssa.org wrote:
> Has anybody come across a root shell exploit called spl2? Fortunately,
> I caught it right after it happened and I've been trying to find what
> this exploit exploits.

Was this on a web server running PHP by chance?  Does the server allow end 
user shell logins?  Are you running SELinux?  Can you enable it and see if it 
still works (use "setenforce 1" then test again).

Tweeks